Quite well might be a DDOS attack, there seems to be a upsurge of DDOS attacks in the past month.

The problem with DDOS attacks is well its distributed from many sources (often faked) and to many destination.

If a person with a large enough bot net had access to 1000's bots its very easy to max out NZ ISP's international transit links with almost entirely the DDOS attack. DDOS Attack detection is a bit of a pain and I suspect orcon are trying to attack it by setting a low QoS on ICMP traffic of what I have noticed most attacks the method is ICMP as the source can be faked really easy and some poor person somewhere around the world suddenly gets hammered with a load of replys.

Oriphix: Yet no ETA nothing on the Network Status page. This is so bad for the 3rd largest ISP in NZ to be like this.

Usually faults have no ETR until the cause of the fault has been diagnosed this is standard across allot of telco's around the world and in NZ. The reason why is customers moan more if they give a ETR and the ETR is not meet because it was a "Estimated Time of Resolution" and a fault cause was not meet. Sadly the fix to stop the "moaning" is to keep people in the dark about the problem until the cause has been diagnosed then release the ETR and then usually the fault is fixed before the ETR time is up.

Also :-P Orcon is NZ 4th Largest ISP so I understand.... Xtra, TCL(Now Vodaclear), Slingshot, Then Orcon.... (Excluding Mobile Network)

Quite well might be a DDOS attack, there seems to be a upsurge of DDOS attacks in the past month.

The problem with DDOS attacks is well its distributed from many sources (often faked) and to many destination.

If a person with a large enough bot net had access to 1000's bots its very easy to max out NZ ISP's international transit links with almost entirely the DDOS attack. DDOS Attack detection is a bit of a pain and I suspect orcon are trying to attack it by setting a low QoS on ICMP traffic of what I have noticed most attacks the method is ICMP as the source can be faked really easy and some poor person somewhere around the world suddenly gets hammered with a load of replys.

Well I'm only guessing so probably is a bit strong a word. There are in general quite a few small ddos attacks around the world regularly. You don't even need 1000's of bots, a single dedicated server can easily swamp a dsl connection. Hell, a ufb connection can dos a dsl connection. You just have to continuously send more data than the recipient can handle.

DDOS attack detection is actually pretty simple in the grand scheme of things. Getting a bit technical, but you can basically just pass through sflow data to another host at the same dc as the router, that then looks for abnormalities, excessive flows to a host etc.

Of course there are complications like false-positives, and a large amount of data to parse. But even the cheapest 1u new server available now should be able to process enough data to detect significant DDOS attacks easily. With sflow people often operate in a mode where not every single flow is counted - making it not great for traffic accounting, but fine for detecting ddos attack, strange traffic patterns, traffic distribution etc.

It doesn't really matter if it's icmp, or udp, or syn attacks or what. There are lots of different amplification attacks, but most ddos attacks are many to one, not many to many, so null routing the destination ip can significantly reduce impact. This can be scripted/automated, and a lot of transit providers offer blackholing/nullrouting of single ip addresses, so load can be taken off upstream transit links too.

As far as false positives you have to weigh it against customer impact, that is why doing it to dsl subnets is much easier to justify than servers. You don't want to null route your recursive dns server, but null routing a user is much less harmful. As well, if a user can easily be disabled it discourages users from going to greater efforts to disable the user. It's like locking or not locking a car with a broken engine. If there's nothing valuable inside, then locking it may encourage someone to break a window to get in, creating more damage than if it was just left unlocked.

Oriphix: Yet no ETA nothing on the Network Status page. This is so bad for the 3rd largest ISP in NZ to be like this.

Usually faults have no ETR until the cause of the fault has been diagnosed this is standard across allot of telco's around the world and in NZ. The reason why is customers moan more if they give a ETR and the ETR is not meet because it was a "Estimated Time of Resolution" and a fault cause was not meet. Sadly the fix to stop the "moaning" is to keep people in the dark about the problem until the cause has been diagnosed then release the ETR and then usually the fault is fixed before the ETR time is up.

Also :-P Orcon is NZ 4th Largest ISP so I understand.... Xtra, TCL(Now Vodaclear), Slingshot, Then Orcon.... (Excluding Mobile Network)

i was curious about the 3rd thing too, but I have no idea who's bigger slingshot or orcon. and what do you consider bigger anyway? more bandwidth? more revenue? more customers? i suspect orcon may have more bandwidth than slingshot, but slingshot have more customers. but slingshot have done bittorrent caching etc to improve bandwidth utilisation for a long time.

I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

charliebrownnz: I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

i think most people on orcon who are playing on blizzard servers are already using vpns.

charliebrownnz: I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

i think most people on orcon who are playing on blizzard servers are already using vpns.

How does a VPN make things better for playing on blizzard servers? I wouldn't think gaming undergoes any shaping or throttling.

charliebrownnz: I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

i think most people on orcon who are playing on blizzard servers are already using vpns.

How does a VPN make things better for playing on blizzard servers? I wouldn't think gaming undergoes any shaping or throttling.

it gets around the cogent issues, international issues, etc. blizzard servers have had issues on orcon on and off for ages. like really 450, is over twice as high as it should be. it should be under 200 even in dunedin.

charliebrownnz: I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

i think most people on orcon who are playing on blizzard servers are already using vpns.

How does a VPN make things better for playing on blizzard servers? I wouldn't think gaming undergoes any shaping or throttling.

it gets around the cogent issues, international issues, etc. blizzard servers have had issues on orcon on and off for ages. like really 450, is over twice as high as it should be. it should be under 200 even in dunedin.

Would it get around my x-box live issues? I take it that if I change ISP's I should look for a provider that doesn't use cogent?

In saying that, the problem isn't limited to blizzard servers, if I do a speedtest to any north american server it is sub-standard.

charliebrownnz: I've had a horrid experience of late. I'm consistently getting pings of 450ms to US Blizzard servers with several spikes every minute of up to 2000ms - and only after 6pm. Playing X-box live is hit and miss. My downloads are real slow as well. I pay extra for unthrottled broadband and I've found that over the last 6 months the quality of service from Orcon has dropped.

After being a loyal customer for a number of years that has encouraged friends to become Orcon customers, I think I will leave and try snap now. I even pointed a friend who has signed up to Orcon UFB to this forum who has since cancelled his application.

I will say that the techs on this forum do a great job and I appreciate the help I've had here - keep up the good work. This forum provides a better service than going onto the orcon web site or calling the help desk.

i think most people on orcon who are playing on blizzard servers are already using vpns.

How does a VPN make things better for playing on blizzard servers? I wouldn't think gaming undergoes any shaping or throttling.

it gets around the cogent issues, international issues, etc. blizzard servers have had issues on orcon on and off for ages. like really 450, is over twice as high as it should be. it should be under 200 even in dunedin.

Would it get around my x-box live issues? I take it that if I change ISP's I should look for a provider that doesn't use cogent?

In saying that, the problem isn't limited to blizzard servers, if I do a speedtest to any north american server it is sub-standard.

the Cogent issue should have passed now, you can't really get away from cheap transit providers in the US being used from NZ..

the issues with international at the moment seem to not be too related to path, and specific to orcon/odyssey.

Any one elses net just go down? Restarted the genuis modem and ONT, no connection whatso ever. Orcon have way, way to many problems. Really disappointed in the service I had from them, it has so many problems, and now I can't even game on XBL at night due to pings going all over.

Brandonrnz: Any one elses net just go down? Restarted the genuis modem and ONT, no connection whatso ever. Orcon have way, way to many problems. Really disappointed in the service I had from them, it has so many problems, and now I can't even game on XBL at night due to pings going all over.

Yup, I just came home for a 1 hour break between classes and my internet was down for 20 minutes. I had more reliable, faster and more stable internet when I was on slingshot, Orcon just seems absolutely awful since I joined in November.

Brandonrnz: Any one elses net just go down? Restarted the genuis modem and ONT, no connection whatso ever. Orcon have way, way to many problems. Really disappointed in the service I had from them, it has so many problems, and now I can't even game on XBL at night due to pings going all over.

Yeah they had there Auth server go down. Our UFB at work died so called them.Its up now if it doesn't work restart the CPE and test.